diff --git a/CHANGELOG.md b/CHANGELOG.md index dd5cad4aa..59d370762 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,8 @@ # Changelog +- [p2p] remove `auth_enc` config option, peer connections are always auth + encrypted + ## 0.19.7 BREAKING: diff --git a/config/config.go b/config/config.go index aabc3d05a..576554809 100644 --- a/config/config.go +++ b/config/config.go @@ -287,9 +287,6 @@ type P2PConfig struct { // Does not work if the peer-exchange reactor is disabled. SeedMode bool `mapstructure:"seed_mode"` - // Authenticated encryption - AuthEnc bool `mapstructure:"auth_enc"` - // Comma separated list of peer IDs to keep private (will not be gossiped to other peers) PrivatePeerIDs string `mapstructure:"private_peer_ids"` @@ -310,7 +307,6 @@ func DefaultP2PConfig() *P2PConfig { RecvRate: 512000, // 500 kB/s PexReactor: true, SeedMode: false, - AuthEnc: true, AllowDuplicateIP: true, // so non-breaking yet } } diff --git a/config/toml.go b/config/toml.go index 3f4c7dda6..69356ff66 100644 --- a/config/toml.go +++ b/config/toml.go @@ -165,9 +165,6 @@ pex = {{ .P2P.PexReactor }} # Does not work if the peer-exchange reactor is disabled. seed_mode = {{ .P2P.SeedMode }} -# Authenticated encryption -auth_enc = {{ .P2P.AuthEnc }} - # Comma separated list of peer IDs to keep private (will not be gossiped to other peers) private_peer_ids = "{{ .P2P.PrivatePeerIDs }}" diff --git a/docs/examples/node0/config/config.toml b/docs/examples/node0/config/config.toml index a1893c65d..a8633b64a 100644 --- a/docs/examples/node0/config/config.toml +++ b/docs/examples/node0/config/config.toml @@ -103,9 +103,6 @@ pex = true # Does not work if the peer-exchange reactor is disabled. seed_mode = false -# Authenticated encryption -auth_enc = true - # Comma separated list of peer IDs to keep private (will not be gossiped to other peers) private_peer_ids = "" diff --git a/docs/examples/node1/config/config.toml b/docs/examples/node1/config/config.toml index c298be9ee..7c3eb473e 100644 --- a/docs/examples/node1/config/config.toml +++ b/docs/examples/node1/config/config.toml @@ -103,9 +103,6 @@ pex = true # Does not work if the peer-exchange reactor is disabled. seed_mode = false -# Authenticated encryption -auth_enc = true - # Comma separated list of peer IDs to keep private (will not be gossiped to other peers) private_peer_ids = "" diff --git a/docs/examples/node2/config/config.toml b/docs/examples/node2/config/config.toml index cedd91b53..a516020ac 100644 --- a/docs/examples/node2/config/config.toml +++ b/docs/examples/node2/config/config.toml @@ -103,9 +103,6 @@ pex = true # Does not work if the peer-exchange reactor is disabled. seed_mode = false -# Authenticated encryption -auth_enc = true - # Comma separated list of peer IDs to keep private (will not be gossiped to other peers) private_peer_ids = "" diff --git a/docs/examples/node3/config/config.toml b/docs/examples/node3/config/config.toml index 7e04b0c39..0643f9285 100644 --- a/docs/examples/node3/config/config.toml +++ b/docs/examples/node3/config/config.toml @@ -103,9 +103,6 @@ pex = true # Does not work if the peer-exchange reactor is disabled. seed_mode = false -# Authenticated encryption -auth_enc = true - # Comma separated list of peer IDs to keep private (will not be gossiped to other peers) private_peer_ids = "" diff --git a/docs/spec/p2p/peer.md b/docs/spec/p2p/peer.md index 2b8c48c16..3cda0c8a4 100644 --- a/docs/spec/p2p/peer.md +++ b/docs/spec/p2p/peer.md @@ -17,9 +17,6 @@ We will attempt to connect to the peer at IP:PORT, and verify, via authenticated encryption, that it is in possession of the private key corresponding to ``. This prevents man-in-the-middle attacks on the peer layer. -If `auth_enc = false`, peers can use an arbitrary ID, but they must always use -one. Authentication can then happen out-of-band of Tendermint, for instance via VPN. - ## Connections All p2p connections use TCP. diff --git a/docs/specification/configuration.rst b/docs/specification/configuration.rst index 2282095b2..e84183d7b 100644 --- a/docs/specification/configuration.rst +++ b/docs/specification/configuration.rst @@ -122,9 +122,6 @@ like the file below, however, double check by inspecting the # Does not work if the peer-exchange reactor is disabled. seed_mode = false - # Authenticated encryption - auth_enc = true - # Comma separated list of peer IDs to keep private (will not be gossiped to other peers) private_peer_ids = "" diff --git a/docs/specification/secure-p2p.rst b/docs/specification/secure-p2p.rst index 2110c835b..de95f0cf0 100644 --- a/docs/specification/secure-p2p.rst +++ b/docs/specification/secure-p2p.rst @@ -65,9 +65,7 @@ are connected to at least one validator. Config ------ -Authenticated encryption is enabled by default. If you wish to use another -authentication scheme or your peers are connected via VPN, you can turn it off -by setting ``auth_enc`` to ``false`` in the config file. +Authenticated encryption is enabled by default. Additional Reading ------------------ diff --git a/node/node.go b/node/node.go index 1bd382eb8..5cae4a4b1 100644 --- a/node/node.go +++ b/node/node.go @@ -269,9 +269,6 @@ func NewNode(config *cfg.Config, // but it would still be nice to have a clear list of the current "PersistentPeers" // somewhere that we can return with net_info. // - // Let's assume we always have IDs ... and we just dont authenticate them - // if auth_enc=false. - // // If PEX is on, it should handle dialing the seeds. Otherwise the switch does it. // Note we currently use the addrBook regardless at least for AddOurAddress addrBook := pex.NewAddrBook(config.P2P.AddrBookFile(), config.P2P.AddrBookStrict) diff --git a/p2p/peer.go b/p2p/peer.go index 742fad656..29f424653 100644 --- a/p2p/peer.go +++ b/p2p/peer.go @@ -116,8 +116,6 @@ func newPeer(pc peerConn, nodeInfo NodeInfo, // PeerConfig is a Peer configuration. type PeerConfig struct { - AuthEnc bool `mapstructure:"auth_enc"` // authenticated encryption - // times are in seconds HandshakeTimeout time.Duration `mapstructure:"handshake_timeout"` DialTimeout time.Duration `mapstructure:"dial_timeout"` @@ -132,7 +130,6 @@ type PeerConfig struct { // DefaultPeerConfig returns the default config. func DefaultPeerConfig() *PeerConfig { return &PeerConfig{ - AuthEnc: true, HandshakeTimeout: 20, // * time.Second, DialTimeout: 3, // * time.Second, MConfig: tmconn.DefaultMConnConfig(), @@ -159,7 +156,7 @@ func newOutboundPeerConn(addr *NetAddress, config *PeerConfig, persistent bool, } // ensure dialed ID matches connection ID - if config.AuthEnc && addr.ID != pc.ID() { + if addr.ID != pc.ID() { if err2 := conn.Close(); err2 != nil { return pc, cmn.ErrorWrap(err, err2.Error()) } @@ -187,17 +184,15 @@ func newPeerConn(rawConn net.Conn, conn = FuzzConnAfterFromConfig(conn, 10*time.Second, config.FuzzConfig) } - if config.AuthEnc { - // Set deadline for secret handshake - if err := conn.SetDeadline(time.Now().Add(config.HandshakeTimeout * time.Second)); err != nil { - return pc, cmn.ErrorWrap(err, "Error setting deadline while encrypting connection") - } + // Set deadline for secret handshake + if err := conn.SetDeadline(time.Now().Add(config.HandshakeTimeout * time.Second)); err != nil { + return pc, cmn.ErrorWrap(err, "Error setting deadline while encrypting connection") + } - // Encrypt connection - conn, err = tmconn.MakeSecretConnection(conn, ourNodePrivKey) - if err != nil { - return pc, cmn.ErrorWrap(err, "Error creating peer") - } + // Encrypt connection + conn, err = tmconn.MakeSecretConnection(conn, ourNodePrivKey) + if err != nil { + return pc, cmn.ErrorWrap(err, "Error creating peer") } // Only the information we already have diff --git a/p2p/peer_test.go b/p2p/peer_test.go index 22913f2de..435c941fe 100644 --- a/p2p/peer_test.go +++ b/p2p/peer_test.go @@ -41,32 +41,10 @@ func TestPeerBasic(t *testing.T) { assert.Equal(rp.ID(), p.ID()) } -func TestPeerWithoutAuthEnc(t *testing.T) { - assert, require := assert.New(t), require.New(t) - - config := DefaultPeerConfig() - config.AuthEnc = false - - // simulate remote peer - rp := &remotePeer{PrivKey: crypto.GenPrivKeyEd25519(), Config: config} - rp.Start() - defer rp.Stop() - - p, err := createOutboundPeerAndPerformHandshake(rp.Addr(), config) - require.Nil(err) - - err = p.Start() - require.Nil(err) - defer p.Stop() - - assert.True(p.IsRunning()) -} - func TestPeerSend(t *testing.T) { assert, require := assert.New(t), require.New(t) config := DefaultPeerConfig() - config.AuthEnc = false // simulate remote peer rp := &remotePeer{PrivKey: crypto.GenPrivKeyEd25519(), Config: config} diff --git a/p2p/switch.go b/p2p/switch.go index 69a7badbd..939af0bbf 100644 --- a/p2p/switch.go +++ b/p2p/switch.go @@ -95,7 +95,6 @@ func NewSwitch(config *cfg.P2PConfig) *Switch { sw.peerConfig.MConfig.SendRate = config.SendRate sw.peerConfig.MConfig.RecvRate = config.RecvRate sw.peerConfig.MConfig.MaxPacketMsgPayloadSize = config.MaxPacketMsgPayloadSize - sw.peerConfig.AuthEnc = config.AuthEnc sw.BaseService = *cmn.NewBaseService(nil, "P2P Switch", sw) return sw @@ -534,10 +533,6 @@ func (sw *Switch) addPeer(pc peerConn) error { return err } - // NOTE: if AuthEnc==false, we don't have a peerID until after the handshake. - // If AuthEnc==true then we already know the ID and could do the checks first before the handshake, - // but it's simple to just deal with both cases the same after the handshake. - // Exchange NodeInfo on the conn peerNodeInfo, err := pc.HandshakeTimeout(sw.nodeInfo, time.Duration(sw.peerConfig.HandshakeTimeout*time.Second)) if err != nil { @@ -547,13 +542,14 @@ func (sw *Switch) addPeer(pc peerConn) error { peerID := peerNodeInfo.ID // ensure connection key matches self reported key - if pc.config.AuthEnc { - connID := pc.ID() - - if peerID != connID { - return fmt.Errorf("nodeInfo.ID() (%v) doesn't match conn.ID() (%v)", - peerID, connID) - } + connID := pc.ID() + + if peerID != connID { + return fmt.Errorf( + "nodeInfo.ID() (%v) doesn't match conn.ID() (%v)", + peerID, + connID, + ) } // Validate the peers nodeInfo